--- a/wp/wp-includes/embed.php Thu Sep 29 08:06:27 2022 +0200
+++ b/wp/wp-includes/embed.php Fri Sep 05 18:40:08 2025 +0200
@@ -14,7 +14,7 @@
*
* @since 2.9.0
*
- * @global WP_Embed $wp_embed
+ * @global WP_Embed $wp_embed WordPress Embed object.
*
* @param string $id An internal ID/name for the handler. Needs to be unique.
* @param string $regex The regex that will be used to see if this handler should be used for a URL.
@@ -32,7 +32,7 @@
*
* @since 2.9.0
*
- * @global WP_Embed $wp_embed
+ * @global WP_Embed $wp_embed WordPress Embed object.
*
* @param string $id The handler ID that should be removed.
* @param int $priority Optional. The priority of the handler to be removed. Default 10.
@@ -73,7 +73,7 @@
$width = 500;
}
- $height = min( ceil( $width * 1.5 ), 1000 );
+ $height = min( (int) ceil( $width * 1.5 ), 1000 );
/**
* Filters the default array of embed dimensions.
@@ -230,7 +230,7 @@
*
* @since 4.0.0
*
- * @global WP_Embed $wp_embed
+ * @global WP_Embed $wp_embed WordPress Embed object.
*
* @param array $matches The RegEx matches from the provided regex when calling
* wp_embed_register_handler().
@@ -244,7 +244,7 @@
$embed = $wp_embed->autoembed( sprintf( 'https://youtube.com/watch?v=%s', urlencode( $matches[2] ) ) );
/**
- * Filters the YoutTube embed output.
+ * Filters the YouTube embed output.
*
* @since 4.0.0
*
@@ -336,10 +336,10 @@
$output = '';
if ( is_singular() ) {
- $output .= '<link rel="alternate" type="application/json+oembed" href="' . esc_url( get_oembed_endpoint_url( get_permalink() ) ) . '" />' . "\n";
+ $output .= '<link rel="alternate" title="' . _x( 'oEmbed (JSON)', 'oEmbed resource link name' ) . '" type="application/json+oembed" href="' . esc_url( get_oembed_endpoint_url( get_permalink() ) ) . '" />' . "\n";
if ( class_exists( 'SimpleXMLElement' ) ) {
- $output .= '<link rel="alternate" type="text/xml+oembed" href="' . esc_url( get_oembed_endpoint_url( get_permalink(), 'xml' ) ) . '" />' . "\n";
+ $output .= '<link rel="alternate" title="' . _x( 'oEmbed (XML)', 'oEmbed resource link name' ) . '" type="text/xml+oembed" href="' . esc_url( get_oembed_endpoint_url( get_permalink(), 'xml' ) ) . '" />' . "\n";
}
}
@@ -426,7 +426,7 @@
* @param string $embed_url The post embed URL.
* @param WP_Post $post The corresponding post object.
*/
- return esc_url_raw( apply_filters( 'post_embed_url', $embed_url, $post ) );
+ return sanitize_url( apply_filters( 'post_embed_url', $embed_url, $post ) );
}
/**
@@ -510,11 +510,13 @@
esc_attr( $secret )
);
- // Note that the script must be placed after the <blockquote> and <iframe> due to a regexp parsing issue in
- // `wp_filter_oembed_result()`. Because of the regex pattern starts with `|(<blockquote>.*?</blockquote>)?.*|`
- // wherein the <blockquote> is marked as being optional, if it is not at the beginning of the string then the group
- // will fail to match and everything will be matched by `.*` and not included in the group. This regex issue goes
- // back to WordPress 4.4, so in order to not break older installs this script must come at the end.
+ /*
+ * Note that the script must be placed after the <blockquote> and <iframe> due to a regexp parsing issue in
+ * `wp_filter_oembed_result()`. Because of the regex pattern starts with `|(<blockquote>.*?</blockquote>)?.*|`
+ * wherein the <blockquote> is marked as being optional, if it is not at the beginning of the string then the group
+ * will fail to match and everything will be matched by `.*` and not included in the group. This regex issue goes
+ * back to WordPress 4.4, so in order to not break older installs this script must come at the end.
+ */
$output .= wp_get_inline_script_tag(
file_get_contents( ABSPATH . WPINC . '/js/wp-embed' . wp_scripts_get_suffix() . '.js' )
);
@@ -537,7 +539,7 @@
*
* @since 4.4.0
*
- * @param WP_Post|int $post Post object or ID.
+ * @param WP_Post|int $post Post ID or post object.
* @param int $width The requested width.
* @return array|false Response data on success, false if post doesn't exist
* or is not publicly viewable.
@@ -575,7 +577,7 @@
);
$width = min( max( $min_max_width['min'], $width ), $min_max_width['max'] );
- $height = max( ceil( $width / 16 * 9 ), 200 );
+ $height = max( (int) ceil( $width / 16 * 9 ), 200 );
$data = array(
'version' => '1.0',
@@ -625,12 +627,13 @@
wp_parse_url( $url ),
array(
'host' => '',
+ 'port' => null,
'path' => '/',
)
);
$qv = array(
- 'domain' => $url_parts['host'],
+ 'domain' => $url_parts['host'] . ( $url_parts['port'] ? ':' . $url_parts['port'] : '' ),
'path' => '/',
'update_site_meta_cache' => false,
);
@@ -963,7 +966,7 @@
if ( ! empty( $content[1] ) ) {
// We have a blockquote to fall back on. Hide the iframe by default.
- $html = str_replace( '<iframe', '<iframe style="position: absolute; clip: rect(1px, 1px, 1px, 1px);"', $html );
+ $html = str_replace( '<iframe', '<iframe style="position: absolute; visibility: hidden;"', $html );
$html = str_replace( '<blockquote', '<blockquote class="wp-embedded-content"', $html );
}
@@ -1057,18 +1060,22 @@
}
/**
- * Prints the CSS in the embed iframe header.
+ * Enqueues the CSS in the embed iframe header.
*
- * @since 4.4.0
+ * @since 6.4.0
*/
-function print_embed_styles() {
- $type_attr = current_theme_supports( 'html5', 'style' ) ? '' : ' type="text/css"';
- $suffix = SCRIPT_DEBUG ? '' : '.min';
- ?>
- <style<?php echo $type_attr; ?>>
- <?php echo file_get_contents( ABSPATH . WPINC . "/css/wp-embed-template$suffix.css" ); ?>
- </style>
- <?php
+function wp_enqueue_embed_styles() {
+ // Back-compat for plugins that disable functionality by unhooking this action.
+ if ( ! has_action( 'embed_head', 'print_embed_styles' ) ) {
+ return;
+ }
+ remove_action( 'embed_head', 'print_embed_styles' );
+
+ $suffix = wp_scripts_get_suffix();
+ $handle = 'wp-embed-template';
+ wp_register_style( $handle, false );
+ wp_add_inline_style( $handle, file_get_contents( ABSPATH . WPINC . "/css/wp-embed-template$suffix.css" ) );
+ wp_enqueue_style( $handle );
}
/**
@@ -1092,7 +1099,13 @@
* @return string The filtered content.
*/
function _oembed_filter_feed_content( $content ) {
- return str_replace( '<iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; clip: rect(1px, 1px, 1px, 1px);"', '<iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted"', $content );
+ $p = new WP_HTML_Tag_Processor( $content );
+ while ( $p->next_tag( array( 'tag_name' => 'iframe' ) ) ) {
+ if ( $p->has_class( 'wp-embedded-content' ) ) {
+ $p->remove_attribute( 'style' );
+ }
+ }
+ return $p->get_updated_html();
}
/**
@@ -1151,29 +1164,35 @@
if ( is_404() ) {
return;
}
+
+ $unique_suffix = get_the_ID() . '-' . wp_rand();
+ $share_tab_wordpress_id = 'wp-embed-share-tab-wordpress-' . $unique_suffix;
+ $share_tab_html_id = 'wp-embed-share-tab-html-' . $unique_suffix;
+ $description_wordpress_id = 'wp-embed-share-description-wordpress-' . $unique_suffix;
+ $description_html_id = 'wp-embed-share-description-html-' . $unique_suffix;
?>
<div class="wp-embed-share-dialog hidden" role="dialog" aria-label="<?php esc_attr_e( 'Sharing options' ); ?>">
<div class="wp-embed-share-dialog-content">
<div class="wp-embed-share-dialog-text">
<ul class="wp-embed-share-tabs" role="tablist">
<li class="wp-embed-share-tab-button wp-embed-share-tab-button-wordpress" role="presentation">
- <button type="button" role="tab" aria-controls="wp-embed-share-tab-wordpress" aria-selected="true" tabindex="0"><?php esc_html_e( 'WordPress Embed' ); ?></button>
+ <button type="button" role="tab" aria-controls="<?php echo $share_tab_wordpress_id; ?>" aria-selected="true" tabindex="0"><?php esc_html_e( 'WordPress Embed' ); ?></button>
</li>
<li class="wp-embed-share-tab-button wp-embed-share-tab-button-html" role="presentation">
- <button type="button" role="tab" aria-controls="wp-embed-share-tab-html" aria-selected="false" tabindex="-1"><?php esc_html_e( 'HTML Embed' ); ?></button>
+ <button type="button" role="tab" aria-controls="<?php echo $share_tab_html_id; ?>" aria-selected="false" tabindex="-1"><?php esc_html_e( 'HTML Embed' ); ?></button>
</li>
</ul>
- <div id="wp-embed-share-tab-wordpress" class="wp-embed-share-tab" role="tabpanel" aria-hidden="false">
- <input type="text" value="<?php the_permalink(); ?>" class="wp-embed-share-input" aria-describedby="wp-embed-share-description-wordpress" tabindex="0" readonly/>
+ <div id="<?php echo $share_tab_wordpress_id; ?>" class="wp-embed-share-tab" role="tabpanel" aria-hidden="false">
+ <input type="text" value="<?php the_permalink(); ?>" class="wp-embed-share-input" aria-label="<?php esc_attr_e( 'URL' ); ?>" aria-describedby="<?php echo $description_wordpress_id; ?>" tabindex="0" readonly/>
- <p class="wp-embed-share-description" id="wp-embed-share-description-wordpress">
+ <p class="wp-embed-share-description" id="<?php echo $description_wordpress_id; ?>">
<?php _e( 'Copy and paste this URL into your WordPress site to embed' ); ?>
</p>
</div>
- <div id="wp-embed-share-tab-html" class="wp-embed-share-tab" role="tabpanel" aria-hidden="true">
- <textarea class="wp-embed-share-input" aria-describedby="wp-embed-share-description-html" tabindex="0" readonly><?php echo esc_textarea( get_post_embed_html( 600, 400 ) ); ?></textarea>
+ <div id="<?php echo $share_tab_html_id; ?>" class="wp-embed-share-tab" role="tabpanel" aria-hidden="true">
+ <textarea class="wp-embed-share-input" aria-label="<?php esc_attr_e( 'HTML' ); ?>" aria-describedby="<?php echo $description_html_id; ?>" tabindex="0" readonly><?php echo esc_textarea( get_post_embed_html( 600, 400 ) ); ?></textarea>
- <p class="wp-embed-share-description" id="wp-embed-share-description-html">
+ <p class="wp-embed-share-description" id="<?php echo $description_html_id; ?>">
<?php _e( 'Copy and paste this code into your site to embed' ); ?>
</p>
</div>